AMENDMENTS TO THE CLAIMS 
LISTING OF CLAIMS IN THE CASE 

The following listing of claims replaces all previous listing of claims: 
1-12. (Canceled) 

1 3. (Currently Amended) A computer-readable medium having stored 
thereon a program, which when run on a processor, performs a method of 
managing a network, said method comprising: 

a) comparing addresses associated with packets received at a first port in 
said network with expected addresses for said first port to determine 
unexpected addresses; and 

b) tracing a topology of said network to determine a second port at which 
a packet associated with an unexpected address entered said network , locating 
a s e cond port in said network that i3 a sourc e of an unexp e cted address if 3aid 
unexpected addrc33 i3 detected . 

1 4. (Original) The computer-readable medium of Claim 1 3 wherein said 
network is a virtually-wired switching network and said first port couples 
switches in said network and said second port is coupled to a host device. 

1 5. (Currently Amended) The computer-readable medium of Claim 1 3, 
wherein b) of 3aid method comprises tracing a topology of 3aid network to 
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determine said 3ccond port, wherein said network comprises a virtually- wired 
switching fabric and said s e cond port is at the edge of said fabric , 

1 6. (Original) The computer-readable medium of Claim 1 5, wherein said 
method further comprises: 

c) taking corrective action at said second port, wherein said second port 
is coupled to a host device. 

17. (Original) The computer-readable medium of Claim 15, wherein said 
method further comprises: 

c) disabling said second port, wherein said network is a virtually-wired 
switching fabric and said second port is at the edge of said fabric. 

18. (Original) The computer-readable medium of Claim 13 wherein a) of said 
method comprises reading a bridge table to determine learned addresses at said 
first port. 

19. (Original) The computer-readable medium of Claim 13 wherein a) of said 
method is repeated for each interconnect port in said network, wherein said 
network comprises a plurality of switches. 

20. (Original) The computer-readable medium of Claim 13, wherein said 
method further comprises: 
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c) determining changes in physical topology of said network. 

2 1 . (Original) The computer-readable medium of Claim 20 wherein c) of said 
method comprises comparing a physical description of said network with a 
stored physical description of said network. 

22. (Currently Amended) A method of managing a network, said method 
comprising: 

accessing a database of a stored physical topology of said network to 
obtain authorized addresses at host ports of switches: 

[[a)]] configuring a switch in said network to forward a packet received 
at a first port if an address associated with said packet is authorized for said 
first port; 

[[b)]] forwarding 3aid packet if said address i3 authorized; and 
[[c)]] comparing a set of learned addresses against a set of expected 
addresses, said learned addresses comprising addresses associated with 
packets processed at a second port, said expected addresses derived from an 
expected configuration of said networkiand 

tracing a topology of said network to fmd a third port where an 
unexpected address entered said network, said third port coupled to a device 
having a media access control (MAC address^ that is said unexpected address . 

23. (Cancelled) 
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24. (Currently Amended) The method of Claim [[23]] 22, further comprising: 
[[e)]] disabling said third port, wherein said network is a virtually-wired 

switching fabric and said third port is at the edge of said fabric. 

25. (Currently Amended) The method of Claim 22, wherein said configuring 
the switch further comprises [ [ing: ] ] configuring the switch to 

[[d)]] drop[[ping]] said packet if said address is not authorized. 

26. (Currently Amended) The method of Claim 22, wherein [[a)]] said 
configuring the switch comprises programming [[a]] the switch in said 
network to recognize authorized addresses for said first port. 

27. (Currently Amended) The method of Claim 22, wherein [[b)]] said 
configuring the switch further comprises configuring the switch to 
forward[[ing]] said packet to a host device if said address is authorized for said 
first port, said first port coupled to said host device. 

28. (Currently Amended) The method of Claim 22, further comprising: 
[[d)]] determining changes in physical topology of said network. 

29. (Currently Amended) The method Claim 28 wherein [[d)]] said 
determining changes in physical topology comprises comparing a physical 
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description of said network with [[a]] said stored physical topology description 
of said network. 

30. (Original) The method of Claim 29 wherein said address is a media access 
control (MAC) address and wherein said network comprises a virtually-wired 
switching fabric. 

3 1 . (Currently Amended) A network comprising: 
a plurality switches; 

said switches interconnected and configured to control communication 
between a plurality of devices coupled to said network; 

a database having stored therein a stored physical topology of said 
network and authorized addresses associated with packets processed at ports 
of said switches, wherein said authorized addresses are based on said stored 
physical topology: [[and]] 

a configuration agent that is able to program said switches based on said 
authorized addresses 

a first switch of said plurality configured to detect a packet having an 
unauthorized m e dia acc e ss control (MAO) address;and 

a management agent that is able to: 

compare addresses learned by said switches against said 

authorized addresses to determine an unauthorized address: and 
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trace a topology of said network to determine a port where a 
packet associated with said unauthorized address entered said network . 

32. (Currently Amended) The network of Claim 3 1 , wherein: 

said first switches [[is]] are further configured to forward said packet if 
said address is authorized. 

33. (Currently Amended) The network of Claim 3 1 , wherein: 

said first switches [[is]] are further configured to drop said packet if 
said address is not authorized. 

34. (Original) The network of Claim 31, wherein there is a one-to-one 
mapping between ports of said switches and ports of said devices. 

35. (New) A network as recited in Claim 31 wherein said addresses are 
medium control access (MAC) addresses. 

36. (New) A network as recited in Claim 31 wherein said network 
comprises a virtually- wired switching fabric. 

37. (New) A network as recited in Claim 3 1 wherein said management 
agent is further able to determine changes in said physical topology of said 
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network and to update said stored physical topology and authorized addresses 
in said database based on said changes. 

38. (New) A network as recited in Claim 37 wherein said configuration 
agent is further able to re-program said switches based on said updates to said 
authorized addresses. 
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